apxtri/adminapi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allow port in cors

Browse Source
This commit is contained in:
philc
2026-02-26 13:53:43 +01:00
parent f126c82cf3
commit bfd9da14ab
1 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
apxtri/apxtri.js
View File

@@ -324,19 +324,17 @@ apxtri.runexpress = async (tribesdns, conf) => {
const regorigin = new RegExp(regtxt);
app.use(cors({
origin: function (origin, callback) {
// Allow requests with no origin (like mobile apps, curl, etc.)
if (!origin) {
return callback(null, true);
}
// Check if origin matches allowed domains pattern
if (regorigin.test(origin)) {
return callback(null, true);
} else {
console.log(
`CORS blocked: ${origin} does not match pattern ${regtxt}. Add it in itm/tribename.json in dns.`
);
return callback(new Error('Not allowed by CORS'));
return callback(null, false);
}
},
allowedHeaders: conf.api.exposedHeaders,
@@ -345,6 +343,14 @@ apxtri.runexpress = async (tribesdns, conf) => {
preflightContinue: false,
optionsSuccessStatus: 204,
}));
app.use((req, res, next) => {
const origin = req.headers.origin;
if (origin && !regorigin.test(origin)) {
return res.status(403).json({ error: 'CORS not allowed' });
}
next();
});
/*app.use((req, res, next) => {
let cor = false;
//console.log(req.headers)